diff options
Diffstat (limited to 'sql/sql_plugin.cc')
| -rw-r--r-- | sql/sql_plugin.cc | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc index 4279cc25010..5fd3d0f0f6b 100644 --- a/sql/sql_plugin.cc +++ b/sql/sql_plugin.cc @@ -729,9 +729,9 @@ static st_plugin_dl *plugin_dl_add(const LEX_CSTRING *dl, myf MyFlags) This is done to ensure that only approved libraries from the plugin directory are used (to make this even remotely secure). */ - if (check_valid_path(dl->str, dl->length) || - check_string_char_length((LEX_CSTRING *) dl, 0, NAME_CHAR_LEN, + if (check_string_char_length((LEX_CSTRING *) dl, 0, NAME_CHAR_LEN, system_charset_info, 1) || + check_valid_path(dl->str, dl->length) || plugin_dir_len + dl->length + 1 >= FN_REFLEN) { my_error(ER_UDF_NO_PATHS, MyFlags); @@ -1846,6 +1846,9 @@ static void plugin_load(MEM_ROOT *tmp_root) LEX_CSTRING name= {str_name.ptr(), str_name.length()}; LEX_CSTRING dl= {str_dl.ptr(), str_dl.length()}; + if (!name.length || !dl.length) + continue; + /* there're no other threads running yet, so we don't need a mutex. but plugin_add() before is designed to work in multi-threaded |